Overview

overview

10

Static

static

1

FL64 (scaled).exe

windows7-x64

5

FL64 (scaled).exe

windows10-2004-x64

5

FL64.exe

windows7-x64

5

FL64.exe

windows10-2004-x64

5

FLEngine_x64.dll

windows7-x64

10

FLEngine_x64.dll

windows10-2004-x64

5

FLEngine_x...y1.dll

windows7-x64

5

FLEngine_x...y1.dll

windows10-2004-x64

5

FLEngine_x...y2.dll

windows7-x64

5

FLEngine_x...y2.dll

windows10-2004-x64

5

FLEngine_x...y3.dll

windows7-x64

5

FLEngine_x...y3.dll

windows10-2004-x64

5

FLEngine_x...y4.dll

windows7-x64

5

FLEngine_x...y4.dll

windows10-2004-x64

5

FLEngine_x...y5.dll

windows7-x64

5

FLEngine_x...y5.dll

windows10-2004-x64

5

Analysis

  • max time kernel
    135s
  • max time network
    209s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240508-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240508-enlocale:en-usos:windows10-2004-x64system
  • submitted
    09-05-2024 18:16

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    FLEngine_x64_Copy3.dll

  • Size

    63.3MB

  • MD5

    06bb6dde5c9adbac93470ed86ce7d5ff

  • SHA1

    46fc43590d6d4c4f04f23ab0eb6f8f602e7e731a

  • SHA256

    2a44a8af200c4ee36de4b0f91471ffca82ce25e0fe90401d64a9d4c01b9f9525

  • SHA512

    5399dbdf1c523ae86956b3a774996cbe0276fb1ca08919564f7669e8cb695711dc9830cbf751cf4479d2bb08f982193c22e00a8be34c5466c9567287a45d8c23

  • SSDEEP

    786432:iJfMakY21meWZcB9fM/4F+cJ/HKYVVCmS0fkrw632FfsjA2E27Dy:ek+W/FRsYVV0/rVmEE2h7+

Score
5/10

Malware Config

Signatures

  • Suspicious use of NtSetInformationThreadHideFromDebugger 2 IoCs
  • Suspicious behavior: EnumeratesProcesses 2 IoCs

Processes

  • C:\Windows\system32\rundll32.exe
    rundll32.exe C:\Users\Admin\AppData\Local\Temp\FLEngine_x64_Copy3.dll,#1
    1⤵
    • Suspicious use of NtSetInformationThreadHideFromDebugger
    • Suspicious behavior: EnumeratesProcesses
    PID:4804

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/4804-0-0x00007FF902AD0000-0x00007FF902AD2000-memory.dmp

    Filesize

    8KB

    Download

  • memory/4804-1-0x0000000062770000-0x00000000667F7000-memory.dmp

    Filesize

    64.5MB

    Download

  • memory/4804-2-0x0000000066377000-0x000000006640A000-memory.dmp

    Filesize

    588KB

    Download

  • memory/4804-3-0x0000000062770000-0x00000000667F7000-memory.dmp

    Filesize

    64.5MB

    Download